diff --git a/pages/docs/local/helm_chart.mdx b/pages/docs/local/helm_chart.mdx index 9a3f98ebb..829f3f1ad 100644 --- a/pages/docs/local/helm_chart.mdx +++ b/pages/docs/local/helm_chart.mdx @@ -5,7 +5,7 @@ description: Instructions for deploying LibreChat on Kubernetes using Helm # Deployment a LibreChat Helm Chart -The following instructions guide you to deploy LibreChat on Kubernetes using Helm. At the moment, this installation method only provides running the LibreChat components, without any additional services like MongoDB or Redis. You will need to provide your own MongoDB and Redis instances. +The following instructions guide you to deploy LibreChat on Kubernetes using Helm. Note: this method was contributed by the community. If you are familiar with Helm and Kubernetes, use this guide as a reference and adjust to your needs. You can also reference other helm charts made by the community below in the [Community Helm Charts](#community-helm-charts) section. @@ -13,66 +13,35 @@ Note: this method was contributed by the community. If you are familiar with Hel * A running Kubernetes cluster * `kubectl` installed -* Having a MongoDB instance running that can be accessed from the Kubernetes cluster * Helm installed on your local machine ## Configuration -Similar to other Helm charts, there exists a [values file](https://github.com/danny-avila/LibreChat/blob/main/helmchart/values.yaml) that serves two primary functions: it outlines the default settings and indicates which configurations are adjustable. -Essentially, any setting within this values file can be modified in two main ways: - -- The first method involves creating a separate override file and specifying it when executing the install command. -- The second method involves directly setting each variable with the installation command itself. If you're planning to change numerous variables, it's advisable to use the override file approach to avoid an overly lengthy command. Conversely, for fewer adjustments, directly setting variables with the installation command might be more convenient. - - -The very end of the file sets some of [environment variables](/docs/configuration/dotenv) of the application, that should look familiar if you deployed the application before. It is the base configuration without any sensitive data. - -``` - env: - # Full list of possible values - # https://github.com/danny-avila/LibreChat/blob/main/.env.example - ALLOW_EMAIL_LOGIN: "true" - ALLOW_REGISTRATION: "true" - ALLOW_SOCIAL_LOGIN: "false" - ALLOW_SOCIAL_REGISTRATION: "false" - APP_TITLE: "Librechat" - CUSTOM_FOOTER: "Provided with ❤️" - DEBUG_CONSOLE: "true" - DEBUG_LOGGING: "true" - DEBUG_OPENAI: "true" - DEBUG_PLUGINS: "true" - DOMAIN_CLIENT: "" - DOMAIN_SERVER: "" - ENDPOINTS: "openAI,azureOpenAI,bingAI,chatGPTBrowser,google,gptPlugins,anthropic" - SEARCH: false -``` - -However, like the comment says, you could have a look at which environment variables are generally available to be modified. - -Because with only these variables set the application won't start correctly. We need to set some more variables, but those contain sensitive data. We will show 2 different ways to make use of Kubernetes features in order to configure those in a secure way. - -### Create one Kubernetes Secret with different entries -Assuming you have `kubectl` installed on your machine and you are connected to your Kubernetes cluster you can run the following command to create a respective Kubernetes secret, that can be used by the helm chart. - -``` -kubectl create secret generic librechat \ ---from-literal=CREDS_KEY=0963cc1e5e5df9554c8dd32435d0eb2b1a8b6edde6596178d5c5418ade897673 \ ---from-literal=CREDS_IV=46d727a066d5d8c4ebc94305d028fecc \ ---from-literal=MONGO_URI=mongodb+srv://:@ \ ---from-literal=JWT_SECRET=83e5c1f0e037e4f027dbdb332d54ca1bd1f12af6798700c207ed817ebd7c544b \ --from-literal=JWT_REFRESH_SECRET=83e5c1f0c037e4f027dbab332d54ca1bd1f12af6798700c207ed817ebd7c544 +1. Generate Variables Generate CREDS_KEY, JWT_SECRET, JWT_REFRESH_SECRET and MEILI_MASTER_KEY using openssl rand -hex 32 and CREDS_IV using openssl rand -hex 16. place them in a secret like this (If you want to change the secret name, remember to change it in your helm values): + +```yaml +apiVersion: v1 +kind: Secret +metadata: + name: librechat-credentials-env + namespace: +type: Opaque +stringData: + CREDS_KEY: + JWT_SECRET: + JWT_REFRESH_SECRET: + MEILI_MASTER_KEY: ``` +2. Add Credentials to the Secret Dependant of the Model you want to use, create Credentials in your provider and add them to the Secret: -- Remember to use your own values for securing sensitive environment variables like `CREDS_KEY`, `CREDS_IV`, `JWT_SECRET`, and `JWT_REFRESH_SECRET`. -- Use the [Credentials Generator](/toolkit/creds_generator) to quickly generate secure values for these variables. - -### Create one Kubernetes Secret for each configuration -This one is a bit more complicated but also allows for more fine-grained control over the secrets. For each secret, you would like to create you can run the following command. +```yaml +apiVersion: v1 +kind: Secret +. . . . + OPENAI_API_KEY: ``` -kubectl create secret generic librechat-creds-key \ ---from-literal=CREDS_KEY=0963cc1e5e5df9554c8dd32435d0eb2b1a8b6edde6596178d5c5418ade897673 -``` -... and so on for each secret. +3. Apply the Secret to the Cluster ## Install Helm Chart @@ -80,19 +49,10 @@ In the root directory run: `helm install helmchart` -Example: `helm install librechat helmchart --set config.envSecrets.secretRef=librechat` (using one Kubernetes secret for all credentials). +Similar to other Helm charts, there exists a [values file](https://github.com/danny-avila/LibreChat/blob/main/helm/librechat/values.yaml) that serves two primary functions: it outlines the default settings and indicates which configurations are adjustable. -If you used the approach where you created one Kubernetes secret for each credential you will need to do a more extensive configuration which is best placed in a separate file. Create a file with the following content: +create a values.yaml file with the values you want to change in comparison to the base values -``` -config: - envSecrets: - secretKeyRef: - - name: CREDS_KEY - secretName: librechat-creds-iv - secretKey: CREDS_KEY - <...> -``` After that you can run the following command: `helm install librechat helmchart --values ` @@ -103,7 +63,23 @@ In order to uninstall the Helm Chart simply run: `helm uninstall 2.x +If you used the chart before version 2.x you may have to change your value structure. + +1. Move Config to librechat.configEnv +```diff +- env: +- ALLOW_EMAIL_LOGIN: "true" +- ALLOW_REGISTRATION: "true" ++ librechat: ++ configEnv: ++ ALLOW_REGISTRATION: "true" ++ ALLOW_EMAIL_LOGIN: "true" +``` -- [LibreChat Helm Chart by Blue Atlas Helm Charts](https://github.com/bat-bs/helm-charts/tree/main/charts/librechat) +2. Move all your secret Values to a single Secret as described [Configuration Step 1](#configuration). +3. If you still want to use an external MongoDB instance, refer to the [values file](https://github.com/danny-avila/LibreChat/blob/main/helm/librechat/values.yaml) of the Chart, deactivate the components accordingly and change the fqdn of the Mongodb Instance. This is recommended if you already have data in your externally managed mongodb instance. + +## Community Helm Charts +- [LibreChat Helm Chart by Blue Atlas Helm Charts](https://github.com/bat-bs/helm-charts/tree/main/charts/librechat) # will be depricated soon as its migrated here - Example submitted by [@dimaby](https://github.com/dimaby) on GitHub: [PR #2879](https://github.com/danny-avila/LibreChat/pull/2879) \ No newline at end of file